The Threat Intel Manager for Model Exploitation & Fraud will set strategy, hire and lead a team of technical investigators, build systems and processes to detect, investigate, and disrupt large-scale exploitation of Anthropic’s AI systems. The role involves managing complex investigations, redesigning triage pipelines, expanding coverage into fraud and scams, and engaging with U.S. government partners and industry peers to share intelligence and drive product mitigations. This manager will operate in a hybrid environment based in San Francisco, CA.
Threat Intel Manager, Model Exploitation & Fraud en Anthropic
Híbrido - San Francisco, CA
Más vacantes en AnthropicSalary
USD 375,000 - 455,000
Requirements
Skills
- Have led and managed investigative, fraud, platform integrity, or threat intelligence teams, ideally ones built around senior, deeply specialized individual contributors
- Have strong domain fluency in scaled abuse — fraud patterns, account abuse, unauthorized access, or platform exploitation economics — sufficient to set priorities, pressure-test findings, and earn the confidence of expert investigators
- Are proficient enough in SQL and Python to review data-heavy casework, pressure-test conclusions, and provide surge capacity when the team needs it
- Have experience overseeing investigations that track threat actors across surface, deep, and dark web environments, including reseller and access-broker communities
- Have working familiarity with large language models and a strong grasp of how models can be distilled, extracted, or exploited at scale
- Have built processes, detection systems, or programs from scratch and can show what changed because of them
- Communicate crisply with executives, engineers, and external partners alike
- Bachelor’s degree or an equivalent combination of education, training, and/or experience
Responsibilities
- Own strategy, priorities, and outcomes for the Model Exploitation & Fraud mission area; define what we detect, investigate, action, and share
- Hire, manage, and develop a team of technical threat investigators; set the quality bar for casework and intelligence reporting
- Design clear lanes between this role and the team's senior individual contributors: strategy, people leadership, and program ownership sit with you, while ownership of the deepest technical investigations and tradecraft stays with the senior experts closest to the work
- Capable of independently leading complex investigations
- Direct, prioritize, and resource complex investigations into model distillation, unauthorized AI R&D usage, unauthorized access, coordinated account abuse, and fraud/scam networks, partnering with the senior investigators who lead the deepest technical casework and clearing blockers from their path
- Drive the redesign of triage for a very high-volume detection pipeline: partner with investigators and engineering to build abuse signals, clustering, and agentic investigation workflows that separate sophisticated actors from noise
- Expand the team's coverage into fraud and scams, building the detection and investigation playbooks from the ground up
- Own the external engagement program for the area, including regular intelligence sharing with U.S. government partners and industry peers, ensuring the investigators driving the work are visible in those channels
- Anticipate how resellers, proxies, and third-party platforms change the abuse surface, and shape coverage accordingly
- Work with policy, enforcement, and engineering to convert findings into bans, product mitigations, and safety-by-design improvements
- Define and report the team's metrics; brief Safeguards and company leadership on the threat landscape
Technologies
SQLPythonlarge language modelsabuse signalsclusteringagentic investigation workflows
Descubre si tu currículum está listo para esta vacante
Mira cómo nuestra IA puede optimizar tu currículum y aumentar tus chances en este puesto.